Halliburton 2021 Annual & Sustainability Report Governance 19 G2 Enterprise Risk Management Halliburton takes a consistent, systematic, Our Risk Management and integrated approach to our Enterprise Risk Sustainability Commitments Management (ERM) program, which our Board • Streamline risk categories, risk identification, and of Directors oversees. Designed to identify, risk management to ensure best alignment with mitigate, and manage enterprise-level risks Halliburton strategy and place a critical focus on to our organization, our ERM assessment what matters most. process includes a review of items that may • Enhance cross-functional visibility to and collaboration among key stakeholders throughout impact company strategy, business continuity, the organization to ensure consistency, uniformity, and crisis management — among other and a strategic approach to risk assessment, strategic risks to the Company. identification, and mitigation. 2021 HIGHLIGHTS Enhancements to Risk Controls Global IT Infrastructure Through our risk assessment process, we continually review Halliburton is on a strong path to advance our digital our risks to ensure that the Company focuses on those with capabilities — doing so will allow us to reduce capital the greatest potential impact to our organization. We embed expenditures, enhance security, speed delivery, and any identified risks into our strategic planning for the improve service quality (SQ). A shift is underway to years ahead. transfer applications and data from our physical data centers into a cloud-based digital platform while retaining In 2021, as part of the risk identification phase of our a smaller number of network hubs that ensure secure assessment, our ERM group surveyed a broad group of access to cloud resources. When we complete this more than 190 leaders representing different parts of the initiative, our physical footprint contained within these Company around the world and interviewed 29 senior- network hubs will decrease by 77% from 2020. Last year, level, strategic leaders. We reported the findings to the our team transferred significant amounts of our computer Board of Directors’ Audit Committee, as well as to leaders and storage workload to the cloud and are on target who manage a part of the organization with an to complete all scheduled moves by the third quarter identified risk. of 2022.